Читать книгу Wiley Practitioner's Guide to GAAS 2017 - Flood Joanne M. - Страница 13

AU-C Original Pronouncements

Applicability

AU-C 220 addresses specific responsibilities of the auditor regarding quality control standards for an audit of financial statements. Quality control is the responsibility of the audit firm. AU-C 220 also addresses supervision of an audit.

AU-C 220 Definitions of Terms

Source: AU-C 220.09

Engagement partner. The partner or other person in the firm who is responsible for the audit engagement and its performance and for the auditor's report issued on behalf of the firm and who, when required, has the appropriate authority from a professional, legal, or regulatory body.

Engagement quality control review. A process designed to provide an objective evaluation, before the report is released, of the significant judgments the engagement team made and the conclusions it reached in formulating the auditor's report. The engagement quality control review process is only for those audit engagements, if any, for which the firm has determined that an engagement quality control review is required, in accordance with its policies and procedures.

Engagement quality control reviewer. A partner, other person in the firm, suitably qualified external person, or team made up of such individuals, none of whom is part of the engagement team, with sufficient and appropriate experience and authority to objectively evaluate the significant judgments that the engagement team made and the conclusions it reached in formulating the auditor's report.

Engagement team. All partners and staff performing the engagement and any individuals engaged by the firm or a network firm who perform audit procedures on the engagement. This excludes an auditor's external specialist engaged by the firm or a network firm.

The term engagement team also excludes individuals within the client's internal audit function who provide direct assistance on an audit engagement when the external auditor complies with the requirements of Section 610, Using the Work of Internal Auditors.6

Firm. A form of organization permitted by law or regulation whose characteristics conform to resolutions of the Council of the AICPA and which is engaged in the practice of public accounting.

Monitoring. A process comprising an ongoing consideration and evaluation of the firm's system of quality control, including inspection or a periodic review of engagement documentation, reports, and clients' financial statements for a selection of completed engagements, designed to provide the firm with reasonable assurance that its system of quality control is designed appropriately and operating effectively.

Network. An association of entities, as defined in ET Section 92, Definitions.

Network firm. A firm or other entity that belongs to a network, as defined in ET Section 92.

Partner. Any individual with authority to bind the firm with respect to the performance of a professional services engagement. For purposes of this definition, partner may include an employee with this authority who has not assumed the risks and benefits of ownership. Firms may use different titles to refer to individuals with this authority.

Personnel. Partners and staff.

Professional standards. Standards promulgated by the AICPA Auditing Standards Board or the AICPA Accounting and Review Services Committee under Rule 201, General Standards (ET sec. 201 par.01), or Rule 202, Compliance with Standards (ET sec. 202 par.01), of the AICPA Code of Professional Conduct, or other standards-setting bodies that set auditing and attest standards applicable to the engagement being performed and relevant ethical requirements.

Relevant ethical requirements. Ethical requirements to which the engagement team and engagement quality control reviewer are subject, which consist of the AICPA Code of Professional Conduct together with rules of applicable state boards of accountancy and applicable regulatory agencies that are more restrictive.

Staff. Professionals, other than partners, including any specialists that the firm employs.

Suitably qualified external person. An individual outside the firm with the competence and capabilities to act as an engagement partner (for example, a partner of another firm).

Objectives of AU-C Section 220

AU-C Section 220.08 states that:

…the objective of the auditor is to implement quality control procedures at the engagement level that provide the auditor with reasonable assurance that

a. the audit complies with professional standards and applicable legal and regulatory requirements and

b. the auditor's report issued is appropriate in the circumstances.

Requirements

Quality Control Standards

The engagement partner is responsible for the overall quality of the engagements to which the partner is assigned. An audit firm should establish a quality control system to provide it with reasonable assurance that its staff meets the requirements of professional standards and applicable legal and regulatory requirements and that reports are appropriate. (AC 220.03)

System of Quality Control

The nature and extent of a firm's quality control policies and procedures depend on the following five factors:

1. Firm size and the number of its offices

2. The degree of autonomy of personnel and practice offices

3. The knowledge and experience of its personnel

4. The nature and complexity of the firm's practice

5. The cost of developing and implementing quality control policies and procedures in relation to the benefits provided

When a firm establishes quality control policies and procedures, it should do the following:

1. Assign responsibilities to qualified personnel to implement quality control policies and procedures.

2. Communicate quality control policies and procedures to personnel (see below).

3. Monitor the effectiveness of the quality control system. The purpose is to determine that policies and procedures and the methods of implementing and communicating them are still appropriate.

NOTE: Flaws in, or a violation of, a firm's quality control do not necessarily indicate that an audit was not performed in accordance with GAAS.

Elements of Quality Control

When establishing its quality control policies and procedures, a firm should consider the elements of quality control:

● Leadership responsibilities for quality

● Ethical requirements

● Acceptance and continuance of clients

● Assignment of engagement terms

● Engagement performance

● Monitoring

NOTE: CPA firms or individuals that are enrolled in an AICPA-approved practice-monitoring program are obligated to adhere to quality control standards. In addition, the Principles of Professional Conduct indicate that members should practice in firms that have in place quality control procedures to provide reasonable assurance that services are competently delivered and adequately supervised. The Statements on Quality Control apply to a CPA firm's accounting, auditing, and attest practices.

Independence7

The engagement partner is responsible for the independence requirements for each audit and ensuring that these requirements are met. The engagement partner should:

● Evaluate the threats to independence,

● Evaluate any breaches, and

● Take appropriate action to eliminate or reduce threats to an appropriate level. If that cannot be done, the firm may have to withdraw from the engagement. (AU-C 220.13)

To be independent, auditors must be intellectually honest; to be recognized as independent, they must be free from any obligation to or interest in the client, its management, or its owners. For specific guidance, the auditor should look to AICPA and the state society codes of conduct and, if relevant, the requirements of the Securities and Exchange Commission (SEC).

Acceptance and Continuance of Client Relationships

The engagement partner must be satisfied that appropriate procedures regarding acceptance and continuance of clients have been performed and that appropriate conclusions were reached. (AU-C 220.14)

Policies and procedures should provide reasonable assurance that the firm will not be associated with clients whose management lacks integrity. A firm should:

● Undertake only engagements that can be completed with professional competence,

● Consider the client's integrity,

● Ensure that ethical requirements can be met, and

● Evaluate significant issues during current or previous audits and their implications for continuance.

(AU-C 220.A7)

Assignment of Engagement Teams

The engagement partner must be comfortable that the engagement team and external specialists are capable and have the appropriate competencies. (AU-C 220.16)

Direction, Supervision, and Performance

The engagement partner is responsible for the direction, supervision, and performance of the engagement with compliance with GAAS and the appropriateness of the report, performance of reviews, and that sufficient appropriate evidence has been obtained. (AU-C220.17)

The auditor with final responsibility for the audit should inform members of the engagement team about:

● Their responsibilities

● The responsibilities of the partners

● The objectives of the procedures they are to perform

● Aspects of the entity's business relevant to their assignment

● Risk-related issues

● Problems that may arise

● Details of the approach to the engagement

(AU-C 220.A12)

Supervision includes:

● Tracking the engagement progress

● Considering the competence of engagement team members

● Addressing significant findings or issues

● Identifying matters for consultation or referral to other team members

(AU-C 220.A13)

Engagement Performance

Reviewing Work

The engagement partners are responsible for the reviews following the firm's policies and procedures. In order to be sure that they are satisfied that the audit audience is sufficient and appropriate to support the conclusion, the engagement partners should review the audit documentation and discuss the engagement with the auditor. Then, this should be done on or before the date of the auditor's report. (AU-C 220.18-19)

The suitably experienced auditors should review the work of each team member and consider if:

1. The work was performed in accordance with professional standards and legal and regulatory requirements.

2. Significant issues were raised and considered.

3. Consultations, if necessary, took place and were documented.

4. The nature, timing, and extent of the work were appropriate.

5. Work performed supports the conclusion and is documented, and the evidence supports the auditor's report.

6. Objectives were achieved.

(AU-C 220.A16)

The engagement partner's review should allow time to resolve issues. (AU-C 220.A17)

Difference of Opinion

If differences of opinion arise among firm personnel about accounting or auditing issues in an audit, there should be:

1. Consultation to attempt resolution

2. Documentation of an assistant's disagreement, if he or she wants to be disassociated from the final resolution

3. Documentation of the basis for the final resolution

(AU-C 220.A23)

Assignment of Engagement Teams

When evaluating the competence of the engagement team, the engagement partner may consider:

1. Professional standards

2. Regulatory requirements

3. Relevant IT and specialized areas of accounting and auditing

4. The firm's quality control policies and procedures

5. The industry environment

Personnel should have experience in similar engagements through training and participation. Policies and procedures should also provide reasonable assurance that personnel refer to authoritative literature and consult, on a timely basis, with appropriate individuals when dealing with complex, unusual, or unfamiliar issues. (AU-C 220.A10)

Monitoring

The audit firm must establish a monitoring process. Policies and procedures should provide reasonable assurance that the above elements of quality control are suitably designed and effectively applied. (AU-C 220.A32) Monitoring involves:

1. Relevant and adequate policies and procedures that are complied with by members of the firm

2. Appropriate guidance and practice aids

3. Effective professional development activities

6

This paragraph was added by SAS No. 128.

7

Section 201 of the Sarbanes-Oxley Act of 2002 and the related SEC implementing rules contain significant independence requirements for auditors of public companies. For example, the SEC prohibits certain nonaudit services such as bookkeeping, internal audit outsourcing, and valuation services. All audit and nonaudit services performed by the auditor, including tax services, must be preapproved by the company's audit committee. In March 2003, the SEC issued final rules implementing Section 201 of the Act. The rules, Strengthening the Commission's Requirements Regarding Auditor Independence, can be found at www.sec.gov/rules/final/33-8183.htm.